LinuxQuestions.org


atelszewski 01-08-2018 08:58 AM

libvirt: NSS loses track of hostname <-> IP mapping when switching VM between interfaces
 
Hi,

I have 2 networks defined in the following way:

1. Network with Internet access (virbr0):
Code:

$ virsh net-dumpxml default
<network>
  <name>default</name>
  <uuid>20675303-c4d4-47ff-b48e-7c099b92dc89</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr0' stp='off' delay='0'/>
  <mac address='52:54:00:b9:28:35'/>
  <domain name='kvm' localOnly='yes'/>
  <dns>
    <host ip='192.168.122.1'>
      <hostname>pc-andtel</hostname>
    </host>
  </dns>
  <ip address='192.168.122.1' netmask='255.255.255.240'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.14'/>
    </dhcp>
  </ip>
</network>

2. Isolated network, guests can only access KVM host (virbr1):
Code:

$ virsh net-dumpxml hostonly
<network>
  <name>hostonly</name>
  <uuid>a24cc21a-0b72-4922-b2ab-e0a10a7d372d</uuid>
  <bridge name='virbr1' stp='off' delay='0'/>
  <mac address='52:54:00:67:cf:fa'/>
  <domain name='kvm' localOnly='yes'/>
  <dns>
    <host ip='192.168.122.17'>
      <hostname>pc-andtel</hostname>
    </host>
  </dns>
  <ip address='192.168.122.17' netmask='255.255.255.240'>
    <dhcp>
      <range start='192.168.122.18' end='192.168.122.30'/>
    </dhcp>
  </ip>
</network>

When I want the guest to have Internet access I start it with the virbr0 interface, otherwise I start it with virbr1.

I have NSS configured, so that guests are accessible by host names.

Now, say, the VM is configured with virbr0 and started. It works as expected:
Code:

$ virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2018-01-08 16:45:02  52:54:00:ae:25:80  ipv4      192.168.122.11/28        slack64-14p2    ff:00:ae:25:80:00:01:00:01:21:e2:c9:a6:52:54:00:ae:25:80

$ ping slack64-14p2
PING slack64-14p2 (192.168.122.11) 56(84) bytes of data.
64 bytes from 192.168.122.11: icmp_seq=1 ttl=64 time=0.146 ms
64 bytes from 192.168.122.11: icmp_seq=2 ttl=64 time=0.367 ms
64 bytes from 192.168.122.11: icmp_seq=3 ttl=64 time=0.260 ms
64 bytes from 192.168.122.11: icmp_seq=4 ttl=64 time=0.232 ms
^C
--- slack64-14p2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3043ms
rtt min/avg/max/mdev = 0.146/0.251/0.367/0.079 ms

And now, say, the VM is configured with virbr1 and started. It works as expected:
Code:

$ virsh net-dhcp-leases hostonly
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2018-01-08 16:47:34  52:54:00:ae:25:80  ipv4      192.168.122.27/28        slack64-14p2    ff:00:ae:25:80:00:01:00:01:21:e2:c9:a6:52:54:00:ae:25:80

$ ping slack64-14p2
PING slack64-14p2 (192.168.122.27) 56(84) bytes of data.
64 bytes from 192.168.122.27: icmp_seq=1 ttl=64 time=0.258 ms
64 bytes from 192.168.122.27: icmp_seq=2 ttl=64 time=0.318 ms
64 bytes from 192.168.122.27: icmp_seq=3 ttl=64 time=0.331 ms
64 bytes from 192.168.122.27: icmp_seq=4 ttl=64 time=0.325 ms
^C
--- slack64-14p2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3082ms
rtt min/avg/max/mdev = 0.258/0.308/0.331/0.029 ms


And now, I configure the interface back to virbr0 and start the machine and it does not work:
Code:

$ ping slack64-14p2
PING slack64-14p2 (192.168.122.27) 56(84) bytes of data.
From 192.168.122.17 icmp_seq=10 Destination Host Unreachable
From 192.168.122.17 icmp_seq=11 Destination Host Unreachable
From 192.168.122.17 icmp_seq=12 Destination Host Unreachable
^C
--- slack64-14p2 ping statistics ---
15 packets transmitted, 0 received, +3 errors, 100% packet loss, time 14332ms

The problem is that NSS returns the hostname for virbr1, when I would expect it to return it for virbr0 (both leases are still active):
Code:

$ virsh net-dhcp-leases default
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2018-01-08 16:50:30  52:54:00:ae:25:80  ipv4      192.168.122.11/28        slack64-14p2    ff:00:ae:25:80:00:01:00:01:21:e2:c9:a6:52:54:00:ae:25:80

$ virsh net-dhcp-leases hostonly
 Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
-------------------------------------------------------------------------------------------------------------------
 2018-01-08 16:47:34  52:54:00:ae:25:80  ipv4      192.168.122.27/28        slack64-14p2    ff:00:ae:25:80:00:01:00:01:21:e2:c9:a6:52:54:00:ae:25:80

Is it possible to solve this problem while maintaining the functionality?

Or if not, is there a way to somehow flush the cache?
Preferably something that would take hostname or dom name as an argument.

For the moment, the only solution I have is:
1. Stop virtual networks.
2. Remove /var/lib/libvirt/dnsmasq/virbr*.status
3. Start the network.


Thanks in advance!

--
Best regards,
Andrzej Telszewski
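
Added example (not part of the original post, and not libvirt's own code): a check that reports hostnames holding unexpired leases on more than one bridge, which is the condition shown above where the name resolves to the address on the wrong network. It assumes the `virbr*.status` files mentioned in the post are JSON arrays of lease objects with `hostname`, `ip-address` and `expiry-time` (epoch seconds) keys; the sample data and expiry values are constructed.

```python
import glob, json, os, tempfile, time
from collections import defaultdict

# Constructed sample: one guest holding live leases on both bridges.
# The JSON field names are an assumption about the status-file layout.
SAMPLE = {
    "virbr0.status": '[{"ip-address": "192.168.122.11", "mac-address": "52:54:00:ae:25:80",'
                     ' "hostname": "slack64-14p2", "expiry-time": 2000}]',
    "virbr1.status": '[{"ip-address": "192.168.122.27", "mac-address": "52:54:00:ae:25:80",'
                     ' "hostname": "slack64-14p2", "expiry-time": 1800},'
                     ' {"ip-address": "192.168.122.20", "hostname": "other", "expiry-time": 500}]',
}

def load_leases(pattern):
    """Return (bridge, lease) pairs from every status file matching pattern."""
    leases = []
    for path in sorted(glob.glob(pattern)):
        bridge = os.path.basename(path)[:-len(".status")]
        try:
            with open(path) as fh:
                entries = json.loads(fh.read() or "[]")
        except (OSError, ValueError):
            continue  # unreadable or malformed file: skip it, keep scanning
        if isinstance(entries, list):
            leases += [(bridge, e) for e in entries if isinstance(e, dict)]
    return leases

def ambiguous_hostnames(leases, now=None, hostname=None):
    """Map hostname -> {bridge: ip} for names with unexpired leases on >1 bridge."""
    now = time.time() if now is None else now
    live = defaultdict(dict)
    for bridge, lease in leases:
        name = lease.get("hostname")
        if not name or lease.get("expiry-time", 0) <= now:
            continue  # nameless or expired leases cannot shadow a live one
        if hostname is None or name == hostname:
            live[name][bridge] = lease.get("ip-address")
    return {n: b for n, b in live.items() if len(b) > 1}

def demo(now=1000):
    """Write SAMPLE into a temp dir and scan it like the real lease directory."""
    with tempfile.TemporaryDirectory() as tmp:
        for fname, text in SAMPLE.items():
            with open(os.path.join(tmp, fname), "w") as fh:
                fh.write(text)
        return ambiguous_hostnames(load_leases(os.path.join(tmp, "virbr*.status")), now)

if __name__ == "__main__":
    print(demo())
    print(ambiguous_hostnames(load_leases("/var/lib/libvirt/dnsmasq/virbr*.status")))
```

Passing `hostname="slack64-14p2"` to `ambiguous_hostnames` restricts the report to a single guest.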

